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CLAIMS 



1. (currently amended) In a distributed network which is registered with a unique 
5 domain name, said network comprising a number of clients and a number of 
authentication servers, said clients and said authentication servers being 
communicatively coupled to each other via a global telecommunication network, each of 
said authentication servers having a fully qualified domain name which is a local host 
name with said unique domain name appended.a distributed authentication system, 
10 wherein a given user enters a global user identification (GUID) and a password for 
authentication to be carried out at a target authentication server, said GUID comprising 
a user name, a delimitation symbol, and a domain portion which is same as the Ideal 
host name of said target authentication server, said distributed authentication system 
comprising: 

15 a ciient m e ans for parsing an entered GUID and extracting said domain portion 

therefrom; 

means for appending said unique domain to said domain portion to form a fully 
qualified domain name (formed FQDN); 

means for translating said FQDN to an Internet Protocol (IP) address representing said 
20 target authentication server; 

means for sending said user name and password to said target authentication 
server for authentication; 

means for carrying out said authentication at the target authentication server and 
generating an authentication fesuit token that is. recognizable by all authentication 
25 servers registered in said distributed network; 

responsive to said generating said authentication resu l t token , 
means for distribut i ng and caching said authentication fesuit token on a 
participant authentication server; and at least ono of said 

means for distributing said authentication token to any participant authentication 
30 server[[sj] registered in said distributed network. 



2. (original) The distributed authentication system of Claim 1, further comprising: 
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means for automatically mapping any unrecognized FQDN into a default server 
which carries out authentication on the user's authentication request. 

3. (original) The distributed authentication system of Claim 1, wherein said means for 
5 translating consults a domain name system (DNS) to obtain an Internet Protocol (IP) 

address representing said target authentication server. 

4. (original) The distributed authentication system of Claim 1, wherein said means for 
translating consults a local mapping list to obtain an Internet Protocol (IP) address 

10 representing said target authentication server. 

5. (currently amended) A method for providing distributed authentication service, 
wherein a given user enters a global user identification (GUID) and a password for 
authentication to be carried out at a target authentication server, said GUID comprising 

15 a user name, a delimitation symbol, and a domain portion which is same as the local 
host name of said target authentication server, said method comprising the computer- 
implemented steps of: 

entering the user's GUID and password; 

parsing said entered GUID and extracting said domain portion from said GUID 
20 by a client ; . 

appending a unique domain name to said domain portion to form a fully qualified 
domain name (FQDN); 

looking up said FQDN in a domain name system (DNS) to obtain an address 
representing said target authentication server; 
25 sending said user name and password to said target authentication server for 

authentication; 

carrying out said authentication at the target authentication server and 
generating ah authentication r e su l t token that is recognizable by all authentication 
servers registered in a associated distributed network; and 
30 responsive to said generating said authentication result, 

d i stributing and caching said authentication result on a participant authentication 
server; and 

. 3 \ 
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distributing said authentication token to any at l e ast on e of said authentication 
server[[s]] registered in said distributed network. 

6. (original) The method of Claim 5, further comprising the steps of: 

5 if said step of looking up fails, automatically mapping an unrecognized FQDN 

into a default server which performs authentication on the user's authentication request. 

7. (currently amended) In a distributed network which is registered with a unique 
domain name, said network comprising a number of clients and a number of 

10 authentication servers, said clients and said authentication servers being 
communicatively coupled to each other via a global telecommunications network, each 
of said authentication servers having a fully qualified domain name Which is a local host 
name with said unique domain name appended, a method for providing distributed 
authentication service, wherein a given user enters a global user identification (GUID) 

15 and a password for authentication to be carried out at a target authentication server, 
said GUID comprising a user name, a delimitation symbol and a domain portion which 
is same as the local host name of said target authentication server, said method 
comprising the steps of: 

entering the user's GUID and password; 

20 parsing entered GUID and extracting said domain portion from said GUID by a 

client ; 

appending said unique domain name to said domain portion to form a fully 
qualified domain name (FQDN); 

. checking a local list of registered fully qualified domain names (FQDN) to obtain 
25 an Internet Protocol (IP) address for said target authentication server, wherein each 
FQDN in said local list is mapped to a unique IP address; 

sending said user name and password to said target authentication server for 
authentication; 

carrying out said authentication at the target authentication server and 
30 generating an authentication result token that is recognizable by all authentication 
servers registered in said distributed network; and 

responsive to said generating; said authentication result, 

• '. 4 ■ ' ■ 

PAGE 5/13 ■ RCVD AT 1/17/2007 4:50:12 PM [Eastern Standard TimeJ * SVR:USPTO-EFXRF-2;i6 * DNIS:2738300 * CSID:650 474 8401 • DURATION (mm-ss):05-50 



01/17/2007 WED 13:53 FAX 650 474 8401 



0006/013 



Serial No. 10/086,104 

d i stributing and caching said authentication result token on a participant 
authentication server: and 

distributing said authentication to'ke "to any participant at l o ast one - of said 
authentication server[[s]] registered in said distributed network. 

5 

8. (original) The method of Claim 7, further comprising the step of: 

if said step of checking fails, automatically mapping, an unrecognized FQDN into 
a default server which performs authentication on the user's authentication request. 

10 9. (currently amended) In a distributed network which is registered with a unique 
domain name, said network comprising a number of clients and a number of 
authentication servers, said clients and said authentication servers being 
communicatively coupled to each other vra a global telecommunications network, each 
of said authentication servers having a fully qualified domain name which is a local host 

15 name with said unique domain name appended, a method for providing distributed 
authentication service, wherein a given user enters a global user identification (GUI D) 
and a password for authentication to be carried out at a target authentication server, 
said GUID comprising a user name, a delimitation symbol and a domain portion which 
is same as the local host name of said target authentication server, said method 

20 comprising the computer-implemented steps of: 
entering the user's GUID and password; 

parsing said GUID and extracting said domain portion by a client : 
appending said unique domain name to said domain portion to form a fully 
qualified domain name (FQDN) in said unique domain; 
25 checking a local list of registered fully qualified domain names (RFQDN) to 

obtain an Internet Protocol (IP) address for said target authentication server, wherein 
each RFQDN in said local list is mapped to a unique IP address; 

if said step of checking fails, looking up a domain name system (DNS) to obtain 
an Internet Protocol (IP) address representing said FQDN; 
30 . sending said user name and password to said target authentication server for 

authentication; 

5 
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carrying out said authentication at the target authentication server and 
generating an authentication r e sult token that is recognizable by all authentication 
servers registered in said distributed network; and 

responsive to said generating said authentication result, 
5 distributing and caching said authentication festrit token on a participant 

authentication server: and 

a t least one of said distributing said authentication result to any participant 
authentication server[[s]] registered in said distributed network. 

10 10. (original) The method of Claim 9 r further comprising the step of: 

if said step of looking up fails, automatically mapping an unrecognized FQDN 
into a default server which performs authentication on the user's authentication request. 

11. (currently amended) A method for providing distributed authentication service, 
15 wherein a given user enters a global user identification (GUID) and a password for 
authentication to be carried out at a target authentication server, said GUID comprising 
a user name, a delimitation symbol and said target authentication server's domain 
name, said method comprising the steps of: 

entering the user's GUID and password; 
20 parsing said entered GUID and extracting said target authentication server's 

domain name by said client : 

pre-pending said common local host name to said target authentication server's 
domain name to form a fully qualified domain name (FQDN); 

checking a local list of registered fully qualified domain names (RFQDN) to 
25 obtain an address for said target authentication server, wherein each RFQDN in said 
local is mapped to a unique address; 

sending said user name and password to said target authentication server for 
authentication; 

carrying out said authentication at the target, authentication server and 
30 generating an authentication result that is recognizable by all authentication servers 
registered in a associated distributed network; and 

responsive to said generating sard authentication result, 

6 
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di s tr i but i ng and caching said authentication r e sult token on a participant 
authentication server; and 

at loact on e of s aid distributing said authentication result to any authentication 
server[[s]] registered in said distributed network. 

5 

12. (original) The method of Claim 11, further comprising the step of: 

if said step of checking fails, looking up said FQDN in a domain name system (DNS) to 
obtain an address representing said target authentication server. 

10 

13. (original) The method of Claim 12, further comprising the steps of: 

if said step of looking up fails, automatically mapping an unrecognized FQDN 
into a default server which performs authentication on the user's authentication request. 

15 14. (currently amended) In a distributed network comprising a number of clients and 
a number of authentication servers, said clients and said authentication servers being 
communicatively coupled to each other via a global telecommunications network, each 
of said authentication servers having a fully qualified domain name which is a local host 
name with its domain name appended, a method for providing distributed authentication 

20 service, wherein a given user enters a global user identification (GUID) and a password 
for authentication to be carried out at a target authentication server, said GUID 
comprising a user name, a delimitation symbol and said target authentication server's 
domain name, said method comprising the steps of: 
entering the user's GUID and password; 

25 parsing said entered GUJD and extracting said target authentication server's 

domain name by a client ; 

checking a local list of domain names to obtain an Internet Protocol (IP) address 
for said target authentication server, wherein each domain name in said list is mapped 
to a registered authentication server's IP address; 

30 sending said user name and password to said target authentication server for 

authentication; 

7 
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carrying out said authentication at the target authentication server and 
generating an authentication result that is recognizable by all authentication servers 
registered in said associated distributed network; and 

responsive to said generating said authentication result, 

distr i buting and caching said authentication result token on a participant 
authentication server; and 

at l e ast - on e - of - said distributing said authentication result to any participant 
authentication server[[s]] registered in said distributed network. 

15. (original) The method of Claim 14, further comprising the step of: 

if said step of checking fails, automatically mapping an unrecognized domain 
name into a default server which performs authentication on the user's authentication 
request 



8 
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